SSH keys as part of Image Builder not working

Hi All,

hope anyone has an idea how I get SSH keys injected via image builder.

As part of my image builder images I am adding my passwd, group files to /etc and create the user directory and add a SSH key to the user ssh folder authorized_keys.

Logins via username/password are working fine but when I try to login with the ssh key I get the following error message:

router dropbear[16602]: /home/XYZ must be owned by user or root, and not writable by others

on the client I get

debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51

But the user folder is owned by the user and not writeable by other!

root@router:~# ls -lah /home/
drwxrwxr-x    1 root     root           0 Oct 24 17:01 .
drwxr-xr-x    1 root     root           0 Oct 29 12:18 ..
drwxrwx---    1 XYZ    XYZ          0 Jan  1 16:13 XYZ

I use files/etc/dropbear/authorized_keys.

Thanks for the suggestion but that doesn't make a difference and especially would also not explain why it works when using useradd to create user and add the authorized_keys in the user folder.

Have your script remove write for group (chmod -R g-w /home/XYZ)

2 Likes

Thanks that was the solution, but WHY? I am the only member that group so the home folder is not writable by anyone else than me!
But yeah just tried it on another server same behavior. Really interesting that it never happened before to me.

The “why” is that SSH keys should only be writable by the user, and includes the user home directory where the .ssh directory lives. It doesn’t bother trying to see who is in the group, since group membership can change at any time.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.